From 5764daae090227bf4c5967900b708392c967be47 Mon Sep 17 00:00:00 2001
From: Azul <azul@leap.se>
Date: Thu, 1 May 2014 10:45:57 +0200
Subject: hash token with sha512 against timing attacs #3398

---
 test/functional/test_helpers_test.rb           | 2 +-
 test/functional/v1/sessions_controller_test.rb | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

(limited to 'test/functional')

diff --git a/test/functional/test_helpers_test.rb b/test/functional/test_helpers_test.rb
index 845e516..ca85482 100644
--- a/test/functional/test_helpers_test.rb
+++ b/test/functional/test_helpers_test.rb
@@ -27,7 +27,7 @@ class TestHelpersTest < ActionController::TestCase
   def test_login_adds_token_header
     login
     token_present = @controller.authenticate_with_http_token do |token, options|
-      assert_equal @token.id, token
+      assert_equal @token.to_s, token
     end
     # authenticate_with_http_token just returns nil and does not
     # execute the block if there is no token. So we have to also
diff --git a/test/functional/v1/sessions_controller_test.rb b/test/functional/v1/sessions_controller_test.rb
index df0d681..8bb6acd 100644
--- a/test/functional/v1/sessions_controller_test.rb
+++ b/test/functional/v1/sessions_controller_test.rb
@@ -48,7 +48,7 @@ class V1::SessionsControllerTest < ActionController::TestCase
     assert_response :success
     assert json_response.keys.include?("id")
     assert json_response.keys.include?("token")
-    assert token = Token.find(json_response['token'])
+    assert token = Token.find_by_token(json_response['token'])
     assert_equal @user.id, token.user_id
   end
 
-- 
cgit v1.2.3